function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
osc_csrf_check();
osc_run_hook('before_validating_login');
// e-mail or/and password is/are empty or incorrect
$wrongCredentials = false;
$email = Params::getParam('email');
$password = Params::getParam('password', false, false);
if ($email == '') {
osc_add_flash_error_message(_m('Please provide an email address'));
$wrongCredentials = true;
}
if ($password == '') {
osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
$wrongCredentials = true;
}
if ($wrongCredentials) {
$this->redirectTo(osc_user_login_url());
}
if (osc_validate_email($email)) {
$user = User::newInstance()->findByEmail($email);
}
if (empty($user)) {
$user = User::newInstance()->findByUsername($email);
}
if (empty($user)) {
osc_add_flash_error_message(_m("The user doesn't exist"));
$this->redirectTo(osc_user_login_url());
}
if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
// @TODO if valid user, send email parameter back to the login form
} else {
if (@$user['s_password'] != '') {
if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
if ($cost[1] != BCRYPT_COST) {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
} else {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
}
}
// e-mail or/and IP is/are banned
$banned = osc_is_banned($email);
// int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
if ($banned & 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
}
if ($banned & 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
}
if ($banned !== 0) {
$this->redirectTo(osc_user_login_url());
}
osc_run_hook('before_login');
$url_redirect = osc_get_http_referer();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if ($url_redirect != '') {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
if ($page_redirect == '' || $page_redirect == 'login') {
$url_redirect = osc_user_dashboard_url();
}
}
break;
}
}
}
}
require_once LIB_PATH . 'osclass/UserActions.php';
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m("The user doesn't exist"));
} else {
if ($logged == 1) {
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
} else {
osc_add_flash_error_message(_m('The user has not been validated yet'));
}
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
if ($url_redirect == '') {
$url_redirect = osc_user_dashboard_url();
}
osc_run_hook("after_login", $user, $url_redirect);
$this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
} else {
osc_add_flash_error_message(_m('This should never happen'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'resend':
$id = Params::getParam('id');
$email = Params::getParam('email');
$user = User::newInstance()->findByPrimaryKey($id);
if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
osc_add_flash_error_message(_m('Incorrect link'));
$this->redirectTo(osc_user_login_url());
}
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
if (osc_notify_new_user()) {
osc_run_hook('hook_email_admin_new_user', $user);
}
if (osc_user_validation_enabled()) {
osc_run_hook('hook_email_user_validation', $user, $user);
}
User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('Validation email re-sent'));
} else {
osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
osc_csrf_check();
if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m("Error, the password don't match"));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
Session::newInstance()->_setReferer(osc_get_http_referer());
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
function breadcrumbs($separator = '/')
{
$text = '';
$location = Rewrite::newInstance()->get_location();
$section = Rewrite::newInstance()->get_section();
$separator = ' ' . trim($separator) . ' ';
$page_title = '<a href="' . osc_base_url() . '"><span class="bc_root">' . osc_page_title() . '</span></a>';
switch ($location) {
case 'item':
switch ($section) {
case 'item_add':
break;
default:
$aCategories = Category::newInstance()->toRootTree((string) osc_item_category_id());
$category = '';
if (count($aCategories) == 0) {
break;
}
$deep = 1;
foreach ($aCategories as $aCategory) {
$list[] = '<a href="' . breadcrumbs_category_url($aCategory['pk_i_id']) . '"><span class="bc_level_' . $deep . '">' . $aCategory['s_name'] . '</span></a>';
$deep++;
}
$category = implode($separator, $list) . $separator;
$category = preg_replace('|' . trim($separator) . '\\s*$|', '', $category);
break;
}
switch ($section) {
case 'item_add':
$text = $page_title . $separator . '<span class="bc_last">' . __('Publish an item', 'breadcrumbs');
break;
case 'item_edit':
$text = $page_title . $separator . $category . $separator . '<a href="' . osc_item_url() . '"><span class="bc_item">' . osc_item_title() . '</span></a>' . $separator . '<span class="bc_last">' . __('Edit your item', 'breadcrumbs') . '</span>';
break;
case 'send_friend':
$text = $page_title . $separator . $category . $separator . '<a href="' . osc_item_url() . '"><span class="bc_item">' . osc_item_title() . '</span></a>' . $separator . '<span class="bc_last">' . __('Send to a friend', 'breadcrumbs') . '</span>';
break;
case 'contact':
$text = $page_title . $separator . $category . $separator . '<a href="' . osc_item_url() . '"><span class="bc_item">' . osc_item_title() . '</span></a>' . $separator . '<span class="bc_last">' . __('Contact seller', 'breadcrumbs') . '</span>';
break;
default:
$text = $page_title . $separator . $category . $separator . '<span class="bc_last">' . osc_item_title() . '</span>';
break;
}
break;
case 'page':
$text = $page_title . $separator . '<span class="bc_last">' . osc_static_page_title() . '</span>';
break;
case 'search':
$region = osc_search_region();
$city = osc_search_city();
$pattern = osc_search_pattern();
$category = osc_search_category_id();
$category = count($category) == 1 ? $category[0] : '';
$b_show_all = $pattern == '' && $category == '' && $region == '' && $city == '';
$b_category = $category != '';
$b_pattern = $pattern != '';
$b_region = $region != '';
$b_city = $city != '';
$b_location = $b_region || $b_city;
if ($b_show_all) {
$text = $page_title . $separator . '<span class="bc_last">' . __('Search', 'breadcrumbs') . '</span>';
break;
}
// init
$result = $page_title . $separator;
if ($b_category) {
$list = array();
$aCategories = Category::newInstance()->toRootTree($category);
if (count($aCategories) > 0) {
$deep = 1;
foreach ($aCategories as $single) {
$list[] = '<a href="' . breadcrumbs_category_url($single['pk_i_id']) . '"><span class="bc_level_' . $deep . '">' . $single['s_name'] . '</span></a>';
$deep++;
}
// remove last link
if (!$b_pattern && !$b_location) {
$list[count($list) - 1] = preg_replace('|<a href.*?>(.*?)</a>|', '$01', $list[count($list) - 1]);
}
$result .= implode($separator, $list) . $separator;
}
}
if ($b_location) {
$list = array();
$params = array();
if ($b_category) {
$params['sCategory'] = $category;
}
if ($b_city) {
$aCity = City::newInstance()->findByName($city);
if (count($aCity) == 0) {
$params['sCity'] = $city;
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_city">' . $city . '</span></a>';
} else {
$aRegion = Region::newInstance()->findByPrimaryKey($aCity['fk_i_region_id']);
$params['sRegion'] = $aRegion['s_name'];
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_region">' . $aRegion['s_name'] . '</span></a>';
$params['sCity'] = $aCity['s_name'];
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_city">' . $aCity['s_name'] . '</span></a>';
}
if (!$b_pattern) {
$list[count($list) - 1] = preg_replace('|<a href.*?>(.*?)</a>|', '$01', $list[count($list) - 1]);
}
$result .= implode($separator, $list) . $separator;
} else {
if ($b_region) {
$params['sRegion'] = $region;
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_region">' . $region . '</span></a>';
if (!$b_pattern) {
$list[count($list) - 1] = preg_replace('|<a href.*?>(.*?)</a>|', '$01', $list[count($list) - 1]);
}
$result .= implode($separator, $list) . $separator;
}
}
}
if ($b_pattern) {
$result .= '<span class="bc_last">' . __('Search Results', 'breadcrumbs') . ': ' . $pattern . '</span>' . $separator;
}
// remove last separator
$result = preg_replace('|' . trim($separator) . '\\s*$|', '', $result);
$text = $result;
break;
case 'login':
switch ($section) {
case 'recover':
$text = $page_title . $separator . '<span class="bc_last">' . __('Recover your password', 'breadcrumbs') . '</span>';
default:
$text = $page_title . $separator . '<span class="bc_last">' . __('Login', 'breadcrumbs') . '</span>';
}
break;
case 'register':
$text = $page_title . $separator . '<span class="bc_last">' . __('Create a new account', 'breadcrumbs') . '</span>';
break;
case 'user':
$user_dashboard = '<a href="' . osc_user_dashboard_url() . '"><span class="bc_user">' . __('My account', 'breadcrumbs') . '</span></a>';
switch ($section) {
case 'dashboard':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Dashboard', 'breadcrumbs') . '</span>';
break;
case 'items':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Manage my items', 'breadcrumbs') . '</span>';
break;
case 'alerts':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Manage my alerts', 'breadcrumbs') . '</span>';
break;
case 'profile':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Update my profile', 'breadcrumbs') . '</span>';
break;
case 'change_email':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Change my email', 'breadcrumbs') . '</span>';
break;
case 'change_password':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Change my password', 'breadcrumbs') . '</span>';
break;
case 'forgot':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Recover my password', 'breadcrumbs') . '</span>';
break;
}
break;
case 'contact':
$text = $page_title . $separator . '<span class="bc_last">' . __('Contact', 'breadcrumbs') . '</span>';
break;
default:
break;
}
echo $text;
return true;
}
function make_userlogin()
{
if (isset($_GET['page'])) {
return;
}
$facebookData = FacebookClassified::newInstance()->selectFacebookData();
$api_id = osc_get_preference('facebook_api_id', 'classified');
$api_secret = osc_get_preference('facebook_api_secret', 'classified');
if (isset($_GET['code']) and !empty($_GET['code'])) {
$code = $_GET['code'];
if (!empty($code)) {
$get_access_data = facebookall_get_fb_contents("https://graph.facebook.com/v2.3/oauth/access_token?" . 'client_id=' . $api_id . '&redirect_uri=' . urlencode(osc_base_url()) . '&client_secret=' . $api_secret . '&code=' . urlencode($code));
$access_data = json_decode($get_access_data, true);
}
if (empty($access_data['access_token'])) {
$get_access_data = facebookall_get_fb_contents("https://graph.facebook.com/v2.3/oauth/access_token?" . 'client_id=' . $api_id . '&redirect_uri=' . urlencode(osc_base_url()) . '&client_secret=' . $api_secret . '&code=' . urlencode($code));
$access_data = json_decode($get_access_data, true);
}
if (!empty($access_data['access_token'])) {
$access_token = $access_data['access_token'];
} else {
echo 'Error : Could not get access token please check your app settings for more about this error<br> Or Follow our doc setion <a href="http://sourceaddons.com/documentation">Documentation Section</a>.';
exit;
}
?>
<script>
window.opener.FbAll.parentRedirect({'action' : 'fball', 'fball_access_token' : '<?php
echo $access_token;
?>
'});
window.close();
</script>
<?php
}
if (!empty($_REQUEST['fball_access_token']) and isset($_REQUEST['fball_redirect'])) {
$user_info = json_decode(facebookall_get_fb_contents("https://graph.facebook.com/v2.3/me?access_token=" . $_REQUEST['fball_access_token']));
Session::newInstance()->_set('fb-token', $_REQUEST['fball_access_token']);
$user_data = get_userprofile_data($user_info);
if (!empty($user_data['email']) and !empty($user_data['id'])) {
// Filter username form data.
if (!empty($user_data['name'])) {
$username = $user_data['name'];
} else {
if (!empty($user_data['first_name']) && !empty($user_data['last_name'])) {
$username = $user_data['first_name'] . $user_data['last_name'];
} else {
$user_emailname = explode('@', $user_data['email']);
$username = $user_emailname[0];
}
}
$user_login = $username;
$new_user = false;
$user_id = get_userid($user_data['id']);
if (empty($user_id)) {
//Not Registered As Facebook User
$u_data = User::newInstance()->findByEmail($user_data['email']);
if (!empty($u_data)) {
//Registered As OSClass but not as Facebook User
$user = User::newInstance()->findByEmail($user_data['email']);
insert_facebook_user_data($user['pk_i_id'], $user_data['id']);
} else {
//New User Not Registered as Facebook User And OSClass User
$new_user = true;
register_user($user_data);
}
}
$manager = User::newInstance();
$oscUser = $manager->findByEmail($user_data['email']);
$email = $oscUser['pk_i_id'];
require_once osc_lib_path() . 'osclass/UserActions.php';
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($oscUser['pk_i_id']);
// Redirect user.
osc_redirect_to(osc_user_dashboard_url());
/*
if (!empty ($_GET['redirect_to'])) {
$redirect_to = $_GET['redirect_to'];
wp_safe_redirect ($redirect_to);
}
else {
$redirect_to = facebookall_redirect_loggedin_user();
wp_redirect ($redirect_to);
}
exit();
}
*/
}
}
}
<div class="content-section">
<div class="row">
<div class="col-md-3">
<!-- <h4 class="my-account">My Public Profile</h4> -->
</div>
<div class="com-md-9 text-right">
<div class="my-account1">
<?php
if (osc_is_web_user_logged_in()) {
?>
<?php
echo sprintf(__('Hi %s', 'classified'), osc_logged_user_name() . '! ');
?>
<a class="my_account" href="<?php
echo osc_user_dashboard_url();
?>
"><?php
_e('My account', 'classified');
?>
</a>
<?php
if (nc_osc_get_post_ads_settings()) {
echo "<a class='post_an_ad' href=" . osc_item_post_url() . ">Post an Ad</a>";
}
?>
<a class="log_out" href="<?php
echo osc_user_logout_url();
?>
"><?php
_e('Logout', 'classified');
function twitter_user_menu()
{
$options = array();
$options[] = array('name' => __('Dashboard', 'twitter'), 'url' => osc_user_dashboard_url(), 'class' => osc_is_user_dashboard() ? 'active opt_dashboard' : 'opt_dashboard');
$options[] = array('name' => __('Manage your items', 'twitter'), 'url' => osc_user_list_items_url(), 'class' => osc_is_user_manage_items() ? 'active opt_items' : 'opt_items');
$options[] = array('name' => __('Manage your alerts', 'twitter'), 'url' => osc_user_alerts_url(), 'class' => osc_is_user_manage_alerts() ? 'active opt_alerts' : 'opt_alerts');
$options[] = array('name' => __('My account', 'twitter'), 'url' => osc_user_profile_url(), 'class' => osc_is_user_profile() ? 'active opt_dashboard' : 'opt_account');
echo '<ul class="tabs">';
$var_l = count($options);
for ($var_o = 0; $var_o < $var_l; $var_o++) {
echo '<li class="' . $options[$var_o]['class'] . '" ><a href="' . $options[$var_o]['url'] . '" >' . $options[$var_o]['name'] . '</a></li>';
}
osc_run_hook('user_menu');
echo '</ul>';
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
require_once LIB_PATH . 'osclass/UserActions.php';
$user = User::newInstance()->findByEmail(Params::getParam('email'));
$url_redirect = osc_user_dashboard_url();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if (isset($_SERVER['HTTP_REFERER'])) {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $_SERVER['HTTP_REFERER']));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
}
break;
}
}
}
} else {
if (preg_match('|[\\?&]page=([^&]+)|', $_SERVER['HTTP_REFERER'] . '&', $match)) {
$page_redirect = $match[1];
}
}
if (Params::getParam('http_referer') != '') {
Session::newInstance()->_setReferer(Params::getParam('http_referer'));
$url_redirect = Params::getParam('http_referer');
} else {
if (Session::newInstance()->_getReferer() != '') {
Session::newInstance()->_setReferer(Session::newInstance()->_getReferer());
$url_redirect = Session::newInstance()->_getReferer();
} else {
if ($page_redirect != '' && $page_redirect != 'login') {
Session::newInstance()->_setReferer($_SERVER['HTTP_REFERER']);
$url_redirect = $_SERVER['HTTP_REFERER'];
}
}
}
if (!$user) {
osc_add_flash_error_message(_m('The username doesn\'t exist'));
$this->redirectTo(osc_user_login_url());
}
if ($user["s_password"] != sha1(Params::getParam('password'))) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
}
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m('The username doesn\'t exist'));
} else {
if ($logged == 1) {
osc_add_flash_error_message(_m('The user has not been validated yet'));
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
$this->redirectTo($url_redirect);
} else {
osc_add_flash_error_message(_m('This should never happens'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
if (Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password') == Params::getParam('new_password2')) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m('Error, the password don\'t match'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
/**
* Prints the user's account menu
*
* @param array $options array with options of the form array('name' => 'display name', 'url' => 'url of link')
* @return void
*/
function osc_private_user_menu($options = null)
{
if ($options == null) {
$options = array();
$options[] = array('name' => __('Public Profile'), 'url' => osc_user_public_profile_url(), 'class' => 'opt_publicprofile');
$options[] = array('name' => __('Dashboard'), 'url' => osc_user_dashboard_url(), 'class' => 'opt_dashboard');
$options[] = array('name' => __('Manage your listings'), 'url' => osc_user_list_items_url(), 'class' => 'opt_items');
$options[] = array('name' => __('Manage your alerts'), 'url' => osc_user_alerts_url(), 'class' => 'opt_alerts');
$options[] = array('name' => __('My profile'), 'url' => osc_user_profile_url(), 'class' => 'opt_account');
$options[] = array('name' => __('Logout'), 'url' => osc_user_logout_url(), 'class' => 'opt_logout');
}
$options = osc_apply_filter('user_menu_filter', $options);
echo '<script type="text/javascript">';
echo '$(".user_menu > :first-child").addClass("first");';
echo '$(".user_menu > :last-child").addClass("last");';
echo '</script>';
echo '<ul class="user_menu">';
$var_l = count($options);
for ($var_o = 0; $var_o < $var_l - 1; $var_o++) {
echo '<li class="' . $options[$var_o]['class'] . '" ><a href="' . $options[$var_o]['url'] . '" >' . $options[$var_o]['name'] . '</a></li>';
}
osc_run_hook('user_menu');
echo '<li class="' . $options[$var_l - 1]['class'] . '" ><a href="' . $options[$var_l - 1]['url'] . '" >' . $options[$var_l - 1]['name'] . '</a></li>';
echo '</ul>';
}
function userlogin()
{
osc_redirect_to(osc_user_dashboard_url());
}
<?php
$item = Item::newInstance()->findByPrimaryKey(Params::getParam('itemId'));
if ($item['b_premium'] == 1) {
osc_add_flash_error_message(_m('Seems like this item is premium already'));
osc_redirect_to(osc_user_dashboard_url());
}
?>
<div class="container">
<div style="float:left; width: 50%;">
<label style="font-weight: bold;"><?php
_e("Item's title", 'classified');
?>
:</label> <?php
echo $item['s_title'];
?>
<br/>
<label style="font-weight: bold;"><?php
_e("Premium enhancement price", 'classified');
?>
:</label> <?php
echo osc_get_preference('premium_cost', 'classified');
?>
<br/>
</div>
<input type="hidden" name="itemId" value="<?php
echo Params::getParam('itemId');
?>
"/>
<div>
function moreedit_item_edit()
{
if (Params::getParam('page') == 'item' && Params::getParam('action') == 'item_edit') {
if (osc_get_preference('disable_edit', 'moreedit') == '1') {
osc_add_flash_error_message(__('Sorry, editing is not allowed', 'moreedit'));
if (osc_is_web_user_logged_in()) {
header("location: " . osc_user_dashboard_url());
} else {
header("location: " . osc_base_url());
}
exit;
}
if (osc_get_preference('moderate_edit', 'moreedit') == '1') {
osc_add_flash_info_message(__('Your ad will be needed to be moderated by an admin after you edit it. Until it gets approved it will not be visible to the rest of the users', 'moreedit'));
}
}
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
osc_csrf_check();
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
if ($success == 1 || $success == 2) {
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
} else {
osc_add_flash_error_message($success);
}
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$array_conditions = (array) json_decode($a['s_search']);
// $search = Search::newInstance();
$search = new Search();
$search->setJsonAlert($array_conditions);
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
osc_csrf_check();
if (!osc_validate_email(Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_username':
//change username
$this->doView('user-change_username.php');
break;
case 'change_username_post':
//change username
$username = osc_sanitize_username(Params::getParam('s_username'));
osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
if ($username != '') {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
osc_add_flash_error_message(_m('The specified username is already in use'));
} else {
if (!osc_is_username_blacklisted($username)) {
User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('The username was updated'));
osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
}
}
} else {
osc_add_flash_error_message(_m('The specified username could not be empty'));
}
$this->redirectTo(osc_change_user_username_url());
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
osc_csrf_check();
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
osc_add_flash_error_message(_m("Current password doesn't match"));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password', false, false)) {
osc_add_flash_error_message(_m("Passwords can't be empty"));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
osc_add_flash_error_message(_m("Passwords don't match"));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
$page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
$itemType = Params::getParam('itemType');
$total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('search_total_pages', $total_pages);
$this->_exportVariableToView('search_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('items_type', $itemType);
$this->_exportVariableToView('search_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'delete':
$id = Params::getParam('id');
$secret = Params::getParam('secret');
if (osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
View::newInstance()->_exportVariableToView('user', $user);
if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
User::newInstance()->deleteUser(osc_logged_user_id());
Session::newInstance()->_drop('userId');
Session::newInstance()->_drop('userName');
Session::newInstance()->_drop('userEmail');
Session::newInstance()->_drop('userPhone');
Cookie::newInstance()->pop('oc_userId');
Cookie::newInstance()->pop('oc_userSecret');
Cookie::newInstance()->set();
osc_add_flash_ok_message(_m("Your account have been deleted"));
$this->redirectTo(osc_base_url());
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_user_dashboard_url());
}
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_base_url());
}
break;
}
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
$user = User::newInstance()->findByEmail(Params::getParam('email'));
if (!$user) {
osc_add_flash_message(_m('The username doesn\'t exist'));
$this->redirectTo(osc_user_login_url());
}
if (!$user['b_enabled']) {
osc_add_flash_message(_m('The user has not been validated yet'));
$this->redirectTo(osc_user_login_url());
}
if ($user["s_password"] == sha1(Params::getParam('password'))) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
//we are logged in... let's go!
Session::newInstance()->_set('userId', $user['pk_i_id']);
Session::newInstance()->_set('userName', $user['s_name']);
Session::newInstance()->_set('userEmail', $user['s_email']);
$phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
Session::newInstance()->_set('userPhone', $phone);
} else {
osc_add_flash_message(_m('The password is incorrect'));
}
//returning logged in to the main page...
$this->redirectTo(osc_user_dashboard_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$recaptcha_ok = $userActions->recover_password();
if ($recaptcha_ok) {
// We ALWAYS show the same message, so we don't give clues about which emails are in our database and which don't!
osc_add_flash_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
} else {
osc_add_flash_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
if (Params::getParam('new_password') == Params::getParam('new_password2')) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_message(_m('Error, the password don\'t match'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not enabled'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not allowed'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
// POST ITEM ( ADD ITEM )
$mItems = new ItemActions(false);
$success = $mItems->add();
if ($success) {
$PcontactName = Params::getParam('contactName');
$PcontactEmail = Params::getParam('contactEmail');
$itemId = Params::getParam('itemId');
$item = array();
if (Session::newInstance()->_get('userId') == '') {
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_item_non_register_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = $this->itemManager->findByPrimaryKey($itemId);
$item_url = osc_item_url();
// before page = user , action = item_edit
$edit_url = osc_item_edit_url($item['s_secret'], $itemId);
// before page = user , action = item_delete
$delete_url = osc_item_delete_url($item['s_secret'], $itemId);
$words = array();
$words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
$words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
} else {
$this->redirectTo(osc_item_post_url());
}
break;
case 'item_edit':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$categories = Category::newInstance()->toTree();
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$currencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('item', $item);
//$this->_exportVariableToView('user', $this->user) ;
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
//$this->redirectTo(osc_base_url(true));
osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
$success = $mItems->edit();
if ($success) {
osc_add_flash_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['e_status'] == 'INACTIVE') {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_message(_m('The item has been validated'));
} else {
osc_add_flash_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_message(_m('Your item has been deleted'));
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResource':
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
if ($this->userId == null) {
$this->redirectTo(osc_base_url());
} else {
$this->redirectTo(osc_user_dashboard_url());
}
}
$aItem = $this->itemManager->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
osc_add_flash_message(_m('The item doesn\'t exist'));
$this->redirectTo(osc_base_url());
}
// Check if the item belong to the user
if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Check if the secret passphrase match with the item
if ($this->userId == null && $secret != $aItem['s_secret']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->getResourceSecure($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_message(_m("The selected photo couldn't be deleted"));
}
// Redirect to item_edit. If unregistered user, include $secret.
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$mItem = new ItemActions(false);
$mItem->send_friend();
$item_url = Params::getParam('item_url');
$this->redirectTo($item_url);
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_create_item_url($item));
}
}
$this->_exportVariableToView('item', $item);
$this->doView('item-contact.php');
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$mItem->contact();
osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
break;
case 2:
$msg = _m('Your comment has been approved');
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
break;
case 4:
$msg = _m('Please type a comment');
break;
case 5:
$msg = _m('Your comment has been marked as spam');
break;
}
osc_add_flash_message($msg);
$this->redirectTo(Params::getParam('itemURL'));
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_message(_m('You have to be logged to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['e_status'] != 'ACTIVE') {
osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_message(_m('You cannot delete the comment'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_message(_m('The comment has been deleted correctly'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['e_status'] != 'ACTIVE') {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
<?php
$data = payment_get_custom(Params::getParam('extra'));
$url = osc_base_url();
if (isset($data['product']) && isset($data['itemid'])) {
$product = explode('x', $data['product']);
if ($product[0] == '301') {
// PACK PAYMENT FROM USER'S DASHBOARD
$url = osc_user_dashboard_url();
} else {
$item = Item::newInstance()->findByPrimaryKey($data['itemid']);
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
View::newInstance()->_exportVariableToView('category', $category);
$url = osc_search_category_url();
}
} else {
}
osc_add_flash_error_message(__('You cancel the payment process or there was an error. If the error continue, please contact the administrator', 'payment'));
_e('You cancel the payment process or there was an error. If the error continue, please contact the administrator', 'payment');
payment_js_redirect_to($url);
function get_menu_options()
{
$options = array();
$options[] = array('name' => __('Public Profile'), 'url' => osc_user_public_profile_url(osc_logged_user_id()), 'class' => 'opt_publicprofile');
$options[] = array('name' => __('Dashboard'), 'url' => osc_user_dashboard_url(), 'class' => 'opt_dashboard');
$options[] = array('name' => __('Manage your listings'), 'url' => osc_user_list_items_url(), 'class' => 'opt_items');
$options[] = array('name' => __('Manage your alerts'), 'url' => osc_user_alerts_url(), 'class' => 'opt_alerts');
$options[] = array('name' => __('My profile'), 'url' => osc_user_profile_url(), 'class' => 'opt_account');
$options[] = array('name' => __('Logout'), 'url' => osc_user_logout_url(), 'class' => 'opt_logout');
return $options;
}
public function init()
{
if (in_array($this->getLocation(), array('item', 'page', 'search', 'login', 'register', 'user', 'contact'))) {
$l = array('url' => osc_base_url(), 'title' => osc_page_title());
$this->addLevel($l);
}
switch ($this->getLocation()) {
case 'item':
if ($this->getSection() == 'item_add') {
$l = array('title' => $this->title['item_add']);
$this->addLevel($l);
break;
}
$aCategory = osc_get_category('id', osc_item_category_id());
// remove
View::newInstance()->_erase('categories');
View::newInstance()->_erase('subcategories');
View::newInstance()->_exportVariableToView('category', $aCategory);
$l = array('url' => osc_search_category_url(), 'title' => osc_category_name());
$this->addLevel($l);
switch ($this->getSection()) {
case 'item_edit':
$l = array('url' => osc_item_url(), 'title' => osc_item_title());
$this->addLevel($l);
$l = array('title' => $this->title['item_edit']);
$this->addLevel($l);
break;
case 'send_friend':
$l = array('url' => osc_item_url(), 'title' => osc_item_title());
$this->addLevel($l);
$l = array('title' => $this->title['item_send_friend']);
$this->addLevel($l);
break;
case 'contact':
$l = array('url' => osc_item_url(), 'title' => osc_item_title());
$this->addLevel($l);
$l = array('title' => $this->title['item_contact']);
$this->addLevel($l);
break;
case '':
$l = array('title' => osc_item_title());
$this->addLevel($l);
break;
}
break;
case 'search':
$region = osc_search_region();
$city = osc_search_city();
$pattern = osc_search_pattern();
$category = osc_search_category_id();
$category = count($category) == 1 ? $category[0] : '';
$b_show_all = $pattern == '' && $category == '' && $region == '' && $city == '';
$b_category = $category != '';
$b_pattern = $pattern != '';
$b_region = $region != '';
$b_city = $city != '';
$b_location = $b_region || $b_city;
// show all
if ($b_show_all) {
$l = array('title' => $this->title['search']);
$this->addLevel($l);
break;
}
// category
if ($b_category) {
$aCategories = Category::newInstance()->toRootTree($category);
foreach ($aCategories as $c) {
View::newInstance()->_erase('categories');
View::newInstance()->_erase('subcategories');
View::newInstance()->_exportVariableToView('category', $c);
$l = array('url' => osc_search_category_url(), 'title' => osc_category_name());
$this->addLevel($l);
}
}
// location
if ($b_location) {
$params = array();
if ($b_category) {
$params['sCategory'] = $category;
}
if ($b_city) {
//print_r("~~~~~~~~~~~~~~~~~~~".$city."~~~~~~~~~~~~~~~~~~~~");
$aCity = City::newInstance()->findByName($city);
if (count($aCity) == 0) {
$params['sCity'] = $city;
$l = array('url' => osc_search_url($params), 'title' => $city);
$this->addLevel($l);
} else {
$aRegion = Region::newInstance()->findByPrimaryKey($aCity['fk_i_region_id']);
$params['sRegion'] = $aRegion['s_name'];
$l = array('url' => osc_search_url($params), 'title' => $aRegion['s_name']);
$this->addLevel($l);
$params['sCity'] = $aCity['s_name'];
$l = array('url' => osc_search_url($params), 'title' => $aCity['s_name']);
$this->addLevel($l);
}
} else {
if ($b_region) {
$params['sRegion'] = $region;
$l = array('url' => osc_search_url($params), 'title' => $region);
$this->addLevel($l);
}
}
}
// pattern
if ($b_pattern) {
$l = array('title' => sprintf($this->title['search_pattern'], $pattern));
$this->addLevel($l);
}
// remove url from the last node
$nodes = $this->getaLevel();
if ($nodes > 0) {
if (array_key_exists('url', $nodes[count($nodes) - 1])) {
unset($nodes[count($nodes) - 1]['url']);
}
}
$this->setaLevel($nodes);
break;
case 'user':
// use dashboard without url if you're in the dashboards
if ($this->getSection() == 'dashboard') {
$l = array('title' => $this->title['user_dashboard']);
$this->addLevel($l);
break;
}
// use dashboard without url if you're in the dashboards
if ($this->getSection() == 'pub_profile') {
$l = array('title' => sprintf($this->title['user_dashboard_profile'], osc_user_name()));
$this->addLevel($l);
break;
}
$l = array('url' => osc_user_dashboard_url(), 'title' => $this->title['user_account']);
$this->addLevel($l);
switch ($this->getSection()) {
case 'items':
$l = array('title' => $this->title['user_items']);
$this->addLevel($l);
break;
case 'alerts':
$l = array('title' => $this->title['user_alerts']);
$this->addLevel($l);
break;
case 'profile':
$l = array('title' => $this->title['user_profile']);
$this->addLevel($l);
break;
case 'change_email':
$l = array('title' => $this->title['user_change_email']);
$this->addLevel($l);
break;
case 'change_password':
$l = array('title' => $this->title['user_change_password']);
$this->addLevel($l);
break;
case 'change_username':
$l = array('title' => $this->title['user_change_username']);
$this->addLevel($l);
break;
}
break;
case 'login':
switch ($this->getSection()) {
case 'recover':
$l = array('title' => $this->title['login_recover']);
$this->addLevel($l);
break;
case 'forgot':
$l = array('title' => $this->title['login_forgot']);
$this->addLevel($l);
break;
case '':
$l = array('title' => $this->title['login']);
$this->addLevel($l);
break;
}
break;
case 'register':
$l = array('title' => $this->title['register']);
$this->addLevel($l);
break;
case 'page':
$l = array('title' => osc_static_page_title());
$this->addLevel($l);
break;
case 'contact':
$l = array('title' => $this->title['contact']);
$this->addLevel($l);
break;
}
}
